<!DOCTYPE HTML>
<html>

<head>
  <title>Mimic - Test Extension Page</title>
  <script>
    function requestFile(url) {
      try {
        var xhr = new XMLHttpRequest();
        xhr.open('GET', url, false);
        xhr.send();
      } catch (error) {
        return 'Failed to send request.';
      }

      if (xhr.status != 200) {
        return 'Request failed with status: ' + url + ' : ' + xhr.status;
      }

      return xhr.responseText;
    }
    function updateElement(id, value) {
      var element = document.getElementById(id);
      element && (element.innerHTML = value);
    }
    function inpageRequest1() {
      var url = 'http://TEST_SERVER/~jasonstredwick/xss_file1.txt';
      updateElement('xss-inpage-text1', requestFile(url));
    }
    function inpageRequest2() {
      // TODO (jasonstredwick): Rethink this case since the page does not
      // have access to chrome.extension.getURL to generate a generic url.
      var url = 'chrome://test_extension/content/data/xss_file2.txt';
      updateElement('xss-inpage-text2', requestFile(url));
    }
    function inpageRequest3() {
      var url = 'http://KNOWN_EXTERNAL_SERVER/layer/simple/get';
      updateElement('xss-inpage-text3', requestFile(url));
    }
  </script>
</head>
<body>
  <h2>Test Communication</h2>
  <h3>sendRequest</h3>
  <input id="comm-ping" type="button" value="Ping"><br>
  <input id="comm-received" type="text" disabled>&nbsp;&nbsp;Received</input><br>
  <input id="comm-send" type="text">
    <input id="comm-send-button" type="button" value="Send">
  </input><br>

  <br>
  <h3>connect</h3>
  <input id="conn-ping" type="button" value="Ping"><br>
  <input id="conn-received" type="text" disabled>&nbsp;&nbsp;Received</input><br>
  <input id="conn-send" type="text">
    <input id="conn-send-button" type="button" value="Send">
  </input><br>


  <br><br>
  <h2>Test Browser Action</h2>
  <input id="ba-badge-text" type="text">
    <input id="ba-badge-text-button" type="button" value="Badge Text">
  </input>
  <div style="display: inline-block">
    No more than four characters will display
  </div><br>
  <input id="ba-badge-color" type="color">
    <input id="ba-badge-color-button" type="button" value="Badge Color">
  </input>
  <div style="display: inline-block">eg. #000 or #FF00FF</div><br>
  <input id="ba-title" type="text">
    <input id="ba-title-button" type="button" value="Title">
  </input><br>

  <br><br>
  <h2>Test Window Create</h2>
  <!--input id="window-features" type="text">&nbsp;&nbsp;Features</input><br-->
  <div>
    <h3>Window Type: </h3>
    <input id="window-normal" type="radio" name="type">Normal</input>
    <input id="window-popup" type="radio" name="type">Popup</input>
  </div><br>
  <input id="window-left" type="text">&nbsp;&nbsp;Left</input><br>
  <input id="window-top" type="text">&nbsp;&nbsp;Top</input><br>
  <input id="window-width" type="text">&nbsp;&nbsp;Width</input><br>
  <input id="window-height" type="text">&nbsp;&nbsp;Height</input><br>
  <input id="window-create" type="text">
    <input id="window-create-button" type="button" value="Open">
  </input><br>
  <div id="window-object"></div>

  <br><br>
  <h2>Test chrome.extension.getURL</h2>
  <input id="get-url-base-button" type="button" value="Request">
  <div id="get-url-base-text" style="display: inline-block">
    Base Chrome URL is:
  </div><br>
  <input id="get-url-1-button" type="button" value="Request">
  <div id="get-url-1-text" style="display: inline-block">
      Chrome URL /path/file1.html is:
  </div><br>
  <input id="get-url-2-button" type="button" value="Request">
  <div id="get-url-2-text" style="display: inline-block">
    Chrome URL path/file2.html is:
  </div><br>

  <br><br>
  <h2>Test XSS</h2>
  <div>http://TEST_SERVER/~jasonstredwick/xss_file1.txt</div>
  <input id="xss-inpage-button1" type="button" value="In Page Request"
         onclick="inpageRequest1();">
  <div id="xss-inpage-text1" style="display: inline-block">
  </div><br><br>
  <div>chrome://test_extension/content/data/xss_file2.txt</div>
  <input id="xss-inpage-button2" type="button" value="In Page Request"
         onclick="inpageRequest2();">
  <div id="xss-inpage-text2" style="display: inline-block">
  </div><br><br>
  <div>http://KNOWN_EXTERNAL_SERVER/layer/simple/get</div>
  <input id="xss-inpage-button3" type="button" value="In Page Request"
         onclick="inpageRequest3();">
  <div id="xss-inpage-text3" style="display: inline-block">
  </div><br><br>
  <div>http://TEST_SERVER/~jasonstredwick/xss_file1.txt</div>
  <input id="xss-cs-same-button" type="button"
         value="Request via Content Script">
  <div id="xss-cs-same-text" style="display: inline-block">
  </div><br><br>
  <div>chrome://test_extension/content/data/xss_file2.txt</div>
  <input id="xss-cs-chrome-button" type="button"
         value="Request via Content Script">
  <div id="xss-cs-chrome-text" style="display: inline-block">
  </div><br><br>
  <div>http://KNOWN_EXTERNAL_SERVER/layer/simple/get</div>
  <input id="xss-cs-server-button" type="button"
         value="Request via Content Script">
  <div id="xss-cs-server-text" style="display: inline-block">
  </div><br><br>
  <div>http://TEST_SERVER/~jasonstredwick/xss_file1.txt</div>
  <input id="xss-bg-same-button" type="button" value="Request via Background">
  <div id="xss-bg-same-text" style="display: inline-block">
  </div><br><br>
  <div>chrome://test_extension/content/data/xss_file2.txt</div>
  <input id="xss-bg-chrome-button" type="button" value="Request via Background">
  <div id="xss-bg-chrome-text" style="display: inline-block">
  </div><br><br>
  <div>http://KNOWN_EXTERNAL_SERVER/layer/simple/get</div>
  <input id="xss-bg-server-button" type="button"
         value="Request via Background">
      Must OTP before using.<br>
  <div id="xss-bg-server-text" style="display: inline-block">
  </div><br><br>

</body>

</html>

